Site Got Hacked? Google Offers Advice on Next Steps

Sadly, it is not uncommon to hear of a site that has recently been hacked. Google frequently has to deal with sites that get hacked and code gets injected into the site. If that happens, Google sometimes has to delist the site from showing in their index, because it harms the quality of their search results.

Look for scripts [usually php] that you did not write. Get rid of those, if you can. Sometimes permissions get hacked in unfriendly ways, so you may need to contact your host for help. Make sure to look for hidden files and files whose names start with ., too.

Call your webhost and have them check the directories above your site for sketchy files if you are on virtual hosting.

If you are running a CMS, image gallery, forum, or any other open source CGI application on your site, make sure it's up to date. Hackers often take advantage of known security holes in open source software by attacking sites that have not kept their CMS up to date.

You're also running cpanel. Have your host make sure it too is up- to-date. cPanel hacks can be nigh impossible to clean up with normal login permissions, so you will almost assuredly need your host's help to get rid of the injected scripts if this is the case.